mail icon indicating copy to clipboard operation
mail copied to clipboard
verified publisher icon nextcloud

[Feature Request] Password as SAML Attribute

Open Aeris1One opened this issue 2 years ago • 1 comments

Is your feature request related to a problem? Please describe.

We use Nextcloud with Keycloak SAML login enabled. Mailboxes uses a specific password that is stored in cleartext as an attribute named mail-password in Keycloak.

There's at the moment no way to auto-provision mail account when using SAML (or OIDC) and not a password-based login on Nextcloud.

Describe the solution you'd like

image It would be useful to be able to specify an attribute that is passed to Nextcloud when login through SAML and is used to specify password for auto-provisioning mail accounts.

Also, as attributes are passed at every login, it would be great to update the password at every login in case it is changed (in our case users aren't able to specify their own password but can request a new random one).

Describe alternatives you've considered

No response

Additional context

OIDC can also pass arbitrary attributes just like SAML can, so I would be great to support the same feature with OIDC.

Aeris1One avatar Aug 23 '23 19:08 Aeris1One

Is there any progress? We just switched to OIDC logins and now mail provisioning stopped working.

roberthr74 avatar Oct 28 '25 10:10 roberthr74